- Videos: 68
- Views: 120,451
Medusa
Added 27 Oct 2021
Learning and Sharing stuff on API Hacking!
Web Cache Poisoning: Hunting Methodology & Real-World Examples
This video explores the Web Cache Poisoning vulnerability in detail. We'll cover essential concepts such as web caching, cache keys, cache hits, cache misses, and cache busters. You’ll also learn how to identify this vulnerability in web applications, complete with practical examples. By the end of the video, you’ll have a comprehensive understanding of all the key concepts related to web cache poisoning.
Blogs: medusa0xf.medium.com/
Social media:
Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
HackerOne Report
hackerone.com/reports/1010858
Introduction: 0:00
Caching: 0:26
CDN Caching [Cache Miss & Hit]: 0:44
Cache Key: 1:28
Recon: 2:17
Web Cache Poisoning: 3:00
Ca...
Views: 2,902
Videos
The Danger of CWE-922 🎙 Snake Bytes Ep. 3: Data Dumpster
406 views, 1 month ago
In this episode, we’re talking about CWE-922: Insecure Storage of Sensitive Information, a vulnerability where sensitive data (such as passwords, API keys, or personal information) is stored without proper security measures. This can include using weak or no encryption, hardcoding sensitive information in files or source code, or storing such data in unprotected locations (like browser storag...
Loose Locks: A Podcast with _smile_hacker_ 🎙 : Snake Bytes Ep. 2
296 views, 1 month ago
In this episode of 'Loose Locks,' we dive into improper access control, a common security flaw where systems fail to restrict access to sensitive data or actions. Join us as we explore real-world examples, discuss why these vulnerabilities occur, and show how you can hunt for them.
Blogs: medusa0xf.medium.com/
Social media of host: smilehaker.in/ x.com/_smile_hacker_
Social Media: Tw...
How Missing Keys Leave Your Castle Open🎙 Snake Bytes Ep. 1: Barrier Bypass
311 views, 1 month ago
In this episode, we’re talking about CWE-862: Missing Authorization. This is when apps forget to check who’s allowed in, leaving doors wide open for attackers. We’ll cover how these gaps happen, how hackers take advantage, and what you can do to close them. Whether you’re securing your own apps or testing others, learn how to spot these mistakes and keep your systems locked tight.
Blogs: ...
How To Exploit SSRF To Fetch AWS Credentials
1.5K views, 2 months ago
This video covers the SSRF vulnerability and how you can exploit it to fetch AWS metadata and credentials.
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Links in the video: sirleeroyjenkins.medium.com/bypassing-ssrf-protection-to-exfiltrate-aws-metadata-from-larksuite-bf99a3599462 medium.com/@Parag_Bagul/ssrf...
OWASP API Top 10 - Broken Authentication
1.2K views, 2 months ago
This video covers the OWASP API Top 10 Broken Authentication category with multiple cases and examples.
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Links in the video: hackerone.com/reports/17474 hackerone.com/reports/284 hackerone.com/reports/341372#:~:text=URL: https://hackerone,100 www.akto.io/blog/twilio...
XSS Using Indirect Prompt Injection | PART 5
368 views, 3 months ago
In this video, we'll see how to perform an XSS attack using indirect prompt injection in an LLM. It also contains a walkthrough of "PortSwigger Lab: Exploiting Insecure Output Handling in LLMs."
If you're interested in reading: medusa0xf.com/posts/exploiting-insecure-output-handling-in-llms/
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord:...
LLM API Hacking | Indirect Prompt Injection in LLM APIs | PART 4
614 views, 3 months ago
This video discusses Indirect Prompt Injection in LLM APIs. We'll explore how it happens and perform a practical lab to understand this vulnerability better.
If you're interested in reading: medusa0xf.com/posts/indirect-prompt-injection/
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Like and Subscrib...
LLM API Hacking | OS Command Injection in LLM APIs | PART 3
617 views, 3 months ago
This video discusses OS command injection in LLM APIs. We'll explore how it happens and perform a practical lab to understand this vulnerability better.
If you're interested in reading: medusa0xf.com/posts/exploiting-vulnerabilities-in-llm-apis/
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Music by Karl...
LLM API Hacking | Excessive Agency | PART 2
457 views, 4 months ago
This video discusses the excessive agency vulnerability in LLM APIs. We'll explore how it happens and perform a practical lab to understand this vulnerability better.
If you're interested in reading: medusa0xf.com/posts/exploiting-llm-apis-with-excessive-agency/
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs ...
LLM API Hacking | Introduction | PART 1
2.8K views, 4 months ago
This video is an introduction to LLMs (Large Language Models). We'll look at how the LLM API works and its vulnerabilities.
If you're interested in reading: medusa0xf.com/posts/what-is-llm-apis-and-how-they-work/
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Like and Subscribe :)
#api #owasp #p...
HTTP Parameter Pollution VS Mass Assignment
448 views, 4 months ago
In this video, we will explore the difference between HTTP parameter pollution and the mass assignment vulnerability.
If you're interested in reading: medusa0xf.com/posts/http-parameter-pollution-vs-mass-assignment/
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Like and Subscribe :)
#api #owasp #...
IDOR In Shopify GraphQL API | Report Explained
871 views, 6 months ago
This video explains an Insecure Direct Object Reference vulnerability in the Shopify GraphQL API reported on HackerOne.
HackerOne report: hackerone.com/reports/2207248
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.com/invite/2PUPD3RHHs
Like and Subscribe :)
#api #hackerone #owasp #portswigger #bugbounty #bola #postman #pen...
Server-Side Parameter Pollution in REST APIs
990 views, 8 months ago
This video is about Server Side Parameter Pollution in REST APIs.
Intro: 0:00
How path parameters work? 0:54
Example Code: 2:18
Path Normalization: 3:23
Practical Demo: 4:55
Blogs: medusa0xf.medium.com/
Social media: Twitter: medusa_0xf
Discord: discord.gg/PxnSVEE33T
Music by Karl Casey @White Bat Audio
Like and Subscribe :)
#api #owasp #portswigger ...
Exploring Server-Side Parameter Pollution: Real Case Scenario, Parameter Precedence, and More!
677 views, 8 months ago
This video is about Server Side Parameter Pollution. It covers:
Intro: 0:00
HTTP Parameter Pollution 0:15
Real Case BB Report Explained Parameter Precedence 1:45
Server Side Parameter Pollution Testing 3:14
Practical Demonstration - SSPP in Query String 7:29 - Analyzing JS file to find hidden param 11:41
Blog: shahjerry33.medium.com/http-parameter-pollution-its-contaminated-again-95c75b0295e1 ...
Performing CSRF exploits over GraphQL
727 views, 9 months ago
Bypassing GraphQL Brute-Force Protections
464 views, 9 months ago
Accidental Exposure of Private GraphQL Fields
338 views, 10 months ago
Exploiting Mass Assignment Vulnerability in API | PortSwigger
771 views, 10 months ago
How Can Fuzzing Help You Find Hidden API Endpoints?
6K views, 10 months ago
How Hackers Exploit API Endpoints Using Documentation?
6K views, 10 months ago
How To Perform DOS Attack in GraphQL | Circular Relationship | Prevention
592 views, 11 months ago
How Broken Functionality Level Authorization Occurs? | Code Analysis and Prevention
950 views, 11 months ago
How to Discover API Subdomains? | Subdomain Enumeration | API Hacking
1.2K views, 1 year ago
How Mass Assignment Gives You Admin Privileges? | APIs | Code Examples |
592 views, 1 year ago
JWT authentication bypass via 'X-HTTP-Method-Override' Header
3.5K views, 1 year ago
How BOLA in API Endpoint can lead to Account Takeover | Postman | API Security
990 views, 1 year ago
Bypass JWT Authentication By Bruteforcing Secret Key | PortSwigger |
1.6K views, 1 year ago
Great Content, but the background shouldn't be flickering.
Unable to focus while stuff running on the background with distracting music, it would be better if the video is some calm or lofi stuff.
xoss crush 😁
Great explanation. Thanks
well put together
Glad you liked it!
Medusa reminds me of modlishka. Anyway, great explanation. Some more points - you have worked on lazy loading cache hit and cache miss architecture that has a condition that this type of cache poisoning is only real if cache is updated. There are some more architectures you may want to explore: write through and session storing. For write through architecture, cache can't be poisoned or updated to be delivered to multiple users for same content if you are not writing to DB. For session storing cached architecture mechanisms XSS will fall short and you may want to try CSRF.
How about you share some articles for this on my server?
Please make this sort of video for Oauth misconfiguration as well
Noted
PS: don't use glitch screen background when explaining something, it's uncomfortable
How comfortable is that when you have your website hosting different image or probably your user poset is changed or someone rides csrf and transfer legit amount from your digital wallet to some of your friend that you don't know. Get used to it if you are blue 🔵, life will be less stressful 😊
Agree
Yup, it kinda makes us distracted
Okay
Nice video
Thank you!
great explanation, loved it.
Thank you!
Nice, informative, +1 subscriber
Nice one!
Thanks!
Yo man hook me up with some BAC resources (not basics)
You should hear this podcast. ruclips.net/video/w4-_wd_ReX4/видео.htmlsi=hnBOCR2AioksJdFH
@Medusa0xf I hate that smile do you have any other resources where you are the only one like same as this video. I love your blog but it's very nice to see any video on that. If you don't mind Medusa I'm doing fully manual testing now including BAC, Auth and OAuth so can you tell me am I missing out on something here?
Voice 😍
Love the animation and the informative video - thanks a bunch!
i'm glad!
I don't know how can i say thank you, it's just an amazing lesson and a very clear speech, especially your voice😍 and I want to tell you my heart See My Profile i want Response Am Just kidding You are the first person who helped me to learn Penetration Testing easily thank you very much Medusa .💖🤗😬😄
Nice explanation
Thank you!
really good!
glad you enjoyed it!
So good!💥
Thanks!
where did you get your wordlist?
thanks for your videos , my hacking skills are getting better every time
Nice one
Thank you!
Keep doing✨✨ Also please add some more questions
Thanks for the feedback! 👀
@Medusa0xf, all the best for your podcasting endeavors! May your passion for bug bounty shine through in every episode!
I am one year late
very good
Thanks
cool lab!
Thanks!
your voice is so peaceful, I liked this so much!🥰🥰
Thanks
it does not work!
Hello, informative video. But how do we identify or analyse that which endpoint we should look or at which endpoint should we give more time
@HarshitShukla-b9y you should give time to those endpoints that are performing some action like updating password, changing email, fetching user info, inviting user etc.
Good content, thanks. But the way you kicked off the video with the background music, I thought you were going to tell us a Christmas story! 🤣🤣
@5s4l1p1fcw lol really?
@Medusa0xf Yes! lol
🏆
can you teach about api testing
I just discovered your channel and would love to see more videos on crAPI or other to the OWASP API Security Top 10. Congratulations on your work!
@z4l1nux hey, I appreciate your comment 💚
Very nice and concise tutorial
Glad you liked it
please lower the background music or just remove that
This is my eASMR
thanks for the video ^^
@belve1337 💚
Nice one❤
@felixkiprop48 thanks!
Yesterday I found out that magic IP addr but I didn't get anything. I just skipped it as glitches. But now I came across the video and wonder about it
👌
Hello
Thanks for making this video
No problem
great.
Thanks!